PT-2026-6812 · Unknown · Wing Ftp Server
Dhiraj Mishra
·
Published
2026-02-06
·
Updated
2026-02-07
·
CVE-2020-37079
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Wing FTP Server versions prior to 6.2.7
Description
Wing FTP Server versions prior to 6.2.7 have a cross-site request forgery (CSRF) issue in the web administration interface. This allows attackers to delete administrative users by crafting a malicious HTML page with a hidden form that submits a request to delete the administrative user account without authorization.
Recommendations
Update Wing FTP Server to version 6.2.7 or later.
Exploit
Fix
CSRF
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wing Ftp Server